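<?php
    /*
     * Checkout entry point: builds a PayPal SetExpressCheckout NVP request from
     * the session cart and, on success, redirects the browser to PayPal.
     *
     * Flow, as implemented below:
     *   1. Require an authenticated session, otherwise redirect to login.php.
     *   2. Require a cart array in the session, otherwise redirect to index.html.
     *   3. Look up each cart line's price in x2_products and build the item fields.
     *   4. Call PPHttpPost('SetExpressCheckout', ...) and redirect to PayPal or stop.
     *
     * Every redirect is followed by exit. Without it the script keeps running and
     * the markup after the closing tag (including the PayPal form) is still sent
     * to clients that do not follow the Location header.
     *
     * NOTE(review): $_SESSION is read but no session_start() is visible here;
     * presumably conn.cfg.php starts the session - confirm.
     */
    require('conn.cfg.php');
    require('includes/expresscheckout.php');

    // Unauthenticated requests stop here; nothing below may run for them.
    if (!isset($_SESSION['isAuthenticated']) || $_SESSION['isAuthenticated'] != 1) {
        header("Location: login.php");
        exit;
    }

    /*
    Earlier array-based draft of the request, kept for reference (not executed):

    $requestParams = array(
        'RETURNURL' => urlencode('http://127.0.0.1/x2performance/ordercheck.php?ack=ok'),
        'CANCELURL' => urlencode('http://127.0.0.1/x2performance/ordercheck.php?ack=ko')
    );

    $orderParams = array(
        PAYMENTREQUEST_0_PAYMENTACTION' => 'Authorization',
        PAYMENTREQUEST_0_DESC' => urlencode('X2Perfromance site'),
        PAYMENTREQUEST_0_AMT' => '496',
        PAYMENTREQUEST_0_CURRENCYCODE' => 'USD'
        //'PAYMENTREQUEST_0_SHIPPINGAMT' => '0',
        //'PAYMENTREQUEST_0_TAXAMT' => '0',
        //'PAYMENTREQUEST_0_INSURANCEAMT' => '0',
        //'PAYMENTREQUEST_0_HANDLINGAMT' => '0',
        //'PAYMENTREQUEST_0_ITEMAMT' => '496'
    );

    $item0 = array(
        'L_PAYMENTREQUEST_0_NAME0' => 'iPhone',
        'L_PAYMENTREQUEST_0_NUMBER0' => '999666',
        'L_PAYMENTREQUEST_0_DESC0' => urlencode('White iPhone, 16GB'),
        'L_PAYMENTREQUEST_0_AMT0' => '496',
        'L_PAYMENTREQUEST_0_QTY0' => '1'
    );
    */

    // No cart in the session: there is nothing to pay for.
    if (!isset($_SESSION['cart']) || !is_array($_SESSION['cart'])) {
        header("Location: index.html");
        exit;
    }

    $max = count($_SESSION['cart']);
    $total = 0;
    $items = '&';
    for ($i = 0; $i < $max; $i++) {
        // The product id is interpolated into SQL below, so force it to an
        // integer first. The query compares ID against an unquoted value, so
        // only numeric ids could ever have worked here.
        $pid = intval($_SESSION['cart'][$i]['productid']);
        $qty = intval($_SESSION['cart'][$i]['qty']);
        $discount = intval($_SESSION['cart'][$i]['discount']);

        // Retrieve the product's name and price from the database by id; the
        // price always comes from the database, never from the session.
        $result = mysql_query("SELECT product_name, short_desc, price FROM x2_products WHERE ID=$pid");
        if ($result === false) {
            // Query failed: record it server-side and skip this line instead of
            // passing false to mysql_fetch_assoc().
            error_log('Checkout: product lookup failed for id ' . $pid . ': ' . mysql_error());
            continue;
        }

        if ($row = mysql_fetch_assoc($result)) {
            $pname = urlencode($row['product_name']);
            $item_amt = $row['price'] - $discount;
            // The description contains spaces and '$', so it must be URL-encoded
            // like every other NVP value.
            $desc = urlencode("Actual price: $" . $row['price'] . " discount $" . $discount . " on each item");
            // Each field carries the line index $i; the description was
            // previously always sent as index 0.
            $items .= "L_PAYMENTREQUEST_0_DESC{$i}=$desc&L_PAYMENTREQUEST_0_NUMBER{$i}=$pid&L_PAYMENTREQUEST_0_NAME{$i}=$pname&L_PAYMENTREQUEST_0_AMT{$i}=$item_amt&L_PAYMENTREQUEST_0_QTY{$i}=$qty&";
            $total += $item_amt * $qty;
        }
    }

    // Set request-specific fields.
    $paymentAmount = $total;
    $currencyID = DEFAULT_CURRENCY;  // or other currency code ('GBP', 'EUR', 'JPY', 'CAD', 'AUD')
    $paymentType = AUTHORIZATION;    // or 'Sale' or 'Order'
    $paymentReq_desc = PAYMENT_DESC;

    // NOTE(review): return/cancel URLs are hard-coded to plain-http 127.0.0.1;
    // a deployed site needs its own https URLs here.
    $returnURL = urlencode("http://127.0.0.1/x2performance/ordercheck.php?ack=ok");
    $cancelURL = urlencode("http://127.0.0.1/x2performance/ordercheck.php?ack=ko");

    // Add request-specific fields to the request string.
    $nvpStr = "&PAYMENTREQUEST_0_PAYMENTACTION=$paymentType&RETURNURL=$returnURL&CANCELURL=$cancelURL&PAYMENTREQUEST_0_AMT=$paymentAmount&PAYMENTREQUEST_0_CURRENCYCODE=$currencyID&PAYMENTREQUEST_0_DESC=$paymentReq_desc";
    //$nvpStr .= "&L_PAYMENTREQUEST_0_NAME0=$item_name&L_PAYMENTREQUEST_0_AMT0=$item_amt&L_PAYMENTREQUEST_0_QTY0=$item_qty";
    $nvpStr .= $items;

    // Execute the API operation. PPHttpPost is not defined in this file;
    // presumably it comes from includes/expresscheckout.php.
    $httpParsedResponseAr = PPHttpPost('SetExpressCheckout', $nvpStr);

    // A response without ACK or TOKEN is treated as a failure.
    $ack = isset($httpParsedResponseAr["ACK"]) ? strtoupper($httpParsedResponseAr["ACK"]) : '';

    if (("SUCCESS" == $ack || "SUCCESSWITHWARNING" == $ack) && isset($httpParsedResponseAr["TOKEN"])) {
        // Redirect to paypal.com. The token is decoded from the NVP response
        // and re-encoded before it is placed in the redirect URL.
        $token = urlencode(urldecode($httpParsedResponseAr["TOKEN"]));
        $payPalURL = "https://www.paypal.com/webscr&cmd=_express-checkout&token=$token";
        if ("sandbox" === $environment || "beta-sandbox" === $environment) {
            $payPalURL = "https://www.$environment.paypal.com/webscr&cmd=_express-checkout&token=$token";
        }
        header("Location: $payPalURL");
        exit;
    }

    // Keep the raw API response in the server log; the browser gets only a
    // generic message instead of a dump of the response array.
    error_log('SetExpressCheckout failed: ' . print_r($httpParsedResponseAr, true));
    exit('SetExpressCheckout failed.');
?>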
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>X2PERFORMANCE :: Shipping</title>
<link rel="stylesheet" href="assets/css/reset.css" />
<link rel="stylesheet" href="assets/css/text.css" />
<link rel="stylesheet" href="assets/css/960.css" />
<link rel="stylesheet" href="assets/css/style.css" />
<link rel="SHORTCUT ICON" href="favicon.ico"/>
<script type="text/javascript" src="assets/js/jquery-1.5.2.min.js"></script>
<script type="text/javascript" src="assets/js/kickstart.js"></script>
<script type="text/javascript" src="assets/js/script00.js"></script>
<script type="text/javascript" src="assets/js/skimlink.js"></script>
<script type="text/javascript" src="assets/js/jquery.cycle.js"></script>
<script type="text/javascript" src="assets/js/slideshow.js"></script>
<link rel="stylesheet" href="assets/css/coda-slider.css" type="text/css" media="screen" title="no title" charset="utf-8">
<script src="assets/js/jquery_002.js" type="text/javascript"></script>
<script src="assets/js/jquery_003.js" type="text/javascript" charset="utf-8"></script>
<script src="assets/js/jquery.js" type="text/javascript" charset="utf-8"></script>
<!--<script src="assets/js/coda-slider.js" type="text/javascript" charset="utf-8"></script>-->

<!--[if IE 7]>
	<style>
    #bottle{ margin-left:-335px;}
    #nav {height:45px;}
    #nav li { display: inline;margin-bottom:8px;}
    </style>
<![endif]-->
<!-- CuFon: Enables smooth pretty custom font rendering. 100% SEO friendly. To disable, remove this section -->
<script type="text/javascript" src="assets/js/cufon-yui.js"></script>
<script type="text/javascript" src="assets/js/PT_Sans_400-PT_Sans_700-PT_Sans_italic_400-PT_Sans_italic_700.font.js"></script>
<script type="text/javascript" src="assets/js/cuf_run.js"></script>
<!-- CuFon ends -->
</head>
<body>
    
<div  id="header">
  <div class="container_16">
    <noscript>
    <div class="alert"> In order to be able to view this website, Javascript needs to be active in your web browser. </div>
    </noscript>
    <div class="grid_8"> <a id="logo" href="index.html" title="X2 Performance"></a> </div>
    <div class="grid_3"> <a id="nsf" href="http://nsfsport.com/listings/certified_detail.asp?id=707999" title="NSF Certified for Sport" target="_blank"></a> </div>
    <div class="grid_5" id="topnavigation">
      <ul id="topnav">
        <!--<li><a href="">Login</a></li>
         <li><a>|</a></li>
        <li><a href="">Register</a></li>-->
        <li><span class="viewcart"></span><a href="free_trial.html">View cart</a></li>
      </ul>
    </div>
    <div class="clear"></div>
    <div class="grid_16" id="navigation">
      <ul id="nav">
        <li><a href="index.html" class="home">Home</a></li>
        <li><a href="about_us.html" class="aboutcompany">About Us</a></li>
        <li class="current_page_item current_page"><a href="services.html" class="x2performanceactive">X<sup>2</sup>PERFORMANCE</a></li>
        <li><a href="sport.html" class="sportcertified">sportcertified</a></li>
        <li><a href="contact_us.html" class="contact">Contact Us</a></li>
        <li><a href="blog.html" class="blog">Blog</a></li>
      </ul>
      <!--ul class="order">
        <li><a href="order_now.html" class="ordernow">Order now</a></li>
      </ul-->
    </div>
  </div>
</div>
<div class="container_16">
  <div class="grid_16 innerheader">
    <div class="innerheaderbg"></div>
    <h2>SHIPPING INFO</h2>
  </div>
  <div class="clear"></div>  
  <div id="productGrid">        
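    <div id="contentProductDetail">
        <?php
        // $msg is not assigned by the checkout code in this file, so its origin
        // is unknown here; it is escaped before being written into the page.
        ?>
        <h2><?php if (isset($msg)){ echo htmlspecialchars($msg, ENT_QUOTES, 'UTF-8');}?></h2>
        <?php
        /*
         * NOTE(review): this form sends the PayPal API USER, PWD and SIGNATURE
         * to every browser that receives the page. API credentials belong on
         * the server only: the code at the top of this file already calls
         * SetExpressCheckout server-side through PPHttpPost. Treat the values
         * below as disclosed, rotate them, and remove the fields once the form
         * is no longer needed for testing.
         *
         * PAYMENTREQUEST_0_AMT is a visible, editable input, so the amount is
         * chosen by the client rather than computed from the cart.
         *
         * RETURNURL and CANCELURL both end in ack=ok, so a cancelled payment
         * cannot be told apart from an approved one; the server-side request
         * above uses ack=ko for cancel - confirm which is intended.
         *
         * These notes are PHP comments on purpose, so they are not sent to the
         * client.
         */
        ?>
        <form method="post" action="https://api-3t.sandbox.paypal.com/nvp"> 
            <input type=hidden name="USER" value="jack_1345307114_biz_api1.gmail.com"> 
            <input type=hidden name="PWD" value="1345307137"> 
            <input type=hidden name="SIGNATURE" value="AKU2D5S.hpO3HGyTd0V69MKvws4wAml25EO5errcy7kODgwf97rc.OOl"> 
            <input type=hidden name="VERSION" value="65.0"> 
            <input type=hidden name="PAYMENTREQUEST_0_PAYMENTACTION" value="Authorization"> 
            <input name="PAYMENTREQUEST_0_AMT" value="10.00"> 
            <input type=hidden name="RETURNURL" value="http://localhost/x2performance/shipinfo.php?ack=ok"> 
            <input type=hidden name="CANCELURL" value="http://localhost/x2performance/shipinfo.php?ack=ok"> 
            <input type=submit name="METHOD" value="SetExpressCheckout"> 
	</form>
    </div>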
  </div>

</div>
<br clear="all">
<div id="footer">
  <div class="container_16">
    <div id="footersectionone">
      <div class="grid_1">
        <h3><a href="index.html">Home</a></h3>
      </div>
      <div class="grid_3 footermenucontainer">
        <h3><a href="about_us.html">About Us</a></h3>
        <ul class="mainlinks">
          <li><a href="about_us.html#ceomessage">CEO Message</a></li>
        </ul>
      </div>
      <div class="grid_3 footermenucontainer">
        <h3><a href="services.html">X<sup>2</sup>PERFORMANCE</a></h3>
        <ul class="mainlinks">
          <li><a href="services.html#science">Science</a></li>
          <li><a href="supplymentfacts.html">Supplement facts</a></li>
          <li><a href="instruction.html">Instructions</a></li>
          <li><a href="pricing.html">Pricing</a></li>
          <li><a href="testimonial.php">Testimonials</a></li>
        </ul>
      </div>
      
      <div class="grid_2">
        <h3><a href="contact_us.html">Contact Us</a></h3>
        <ul class="mainlinks">
          <li><a href="privacy.html">Privacy Policy</a></li>
          <li><a href="terms.html">Terms</a></li>
        </ul>
      </div>
      <div class="grid_2">
        <h3><a href="sport.html">Sport certified</a></h3>
      </div>
      <div class="grid_1">
        <h3><a href="blog.html">Blog</a></h3>
      </div>
      <div class="grid_5" id="socialicons">
        <h3>CONNECT WITH US</h3>
        <a id="twitter" href="http://twitter.com/#!/x2performance" title="Twitter" target="_blank"></a> <a id="facebook" href="http://www.facebook.com/X2PERFORMANCE" title="Facebook" target="_blank"></a> <a id="youtube" href="http://www.youtube.com/user/TEAMX2PERFORMANCE/featured" title="You Tube" target="_blank"></a> <a id="googleplus" href="https://plus.google.com/109519688499936342953/posts" title="Google Plus" target="_blank"></a> </div>
      <div class="clear"></div>
    </div>
    <div id="footersectiontwo"> <span id="footerlogo"></span>
      <h3><span>MAKE IT HAPPEN <sup>®</sup></span><br/>
        PROUDLY MADE IN THE USA &copy; 2012 Advanced Bio Development LLC</h3>
      <span id="footerlogo2"></span> </div>
  </div>
 
</div>
<script type="text/javascript" src="assets/js/menu.js"></script>
</body>
</html>